A study completed by Prevalent, a recognized service provider in the field of third-party risk management, has produced a number of shocking discoveries related to the impending danger of third-party data breaches.
The study, based on responses gathered from 50 IT professionals in February and March of this year, shows an almost 50% jump in the number of third-party breaches compared to the previous year. These two years registered over three times more events compared to 2021, suggesting cyber security's growing complexity.
Scale of breaches
The report, led by Prevalent CEO Kevin Hickey, not only focuses on reducing the number of breaches but also pays attention to the size of the breaches. Multiple breaches of extended supply chain systems affected organizations such as Okta, LastPass, Change Healthcare, and PJ&A, exposing records of millions around the world. Hickey emphasizes that third parties have become an inevitable target of cyberattacks and that organizations must therefore address the top issues relating to cyber security.
One of the main issues found by this study is companies' weakness regarding the security of their third-party providers. The extensive adoption of TPRM, as well as the weak coordination in the organizational security sphere, reaches merely one third of executives. According to Brad Hibbert, the COO of Prevalent, the lack of a well-functioning and adequate connection is often a symptom of heavy reliance on individual tools, which translates into insufficient protection of supply chains from various threats.
Recommendations from study
The study also raises the matter of resource restrictions that obstruct organizations' efforts to build up their defenses against third-party breaches. It is alarming that, even with a figure as high as 3,200 third-party relationships, only 33% of these vendors are being monitored or assessed.
Decades-old Excel is still the key instrument for vendor analysis in many cases, with the tool being used by half the companies. Organizations' sole reliance on such ineffective systems is a serious obstacle to efforts to reduce risk.
The findings of this study carry many important implications, highlighted by its 3 key recommendations: implementing dedicated TPRM platforms, coordinating efforts, and using recent technologies, like AI, to make cybersecurity better. However, tackling this issue through the creation of dedicated units assigned to supervise third-party security issues arises as a vital necessity that companies should be ready for.